search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add.
[gnutls.git] / lib / gnutls_v2_compat.c
blob26fcec7091094a1c79de7bd1b1f1af8ba55a4ac7
1 /*
2 * Copyright (C) 2001, 2004, 2005, 2006 Free Software Foundation
3 *
4 * Author: Nikos Mavroyanopoulos
5 *
6 * This file is part of GNUTLS.
7 *
8 * The GNUTLS library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
21 * USA
22 *
23 */
24
25 /* Functions to parse the SSLv2.0 hello message.
26 */
27
28 #include "gnutls_int.h"
29 #include "gnutls_errors.h"
30 #include "gnutls_dh.h"
31 #include "debug.h"
32 #include "gnutls_algorithms.h"
33 #include "gnutls_compress.h"
34 #include "gnutls_cipher.h"
35 #include "gnutls_buffers.h"
36 #include "gnutls_kx.h"
37 #include "gnutls_handshake.h"
38 #include "gnutls_num.h"
39 #include "gnutls_hash_int.h"
40 #include "gnutls_db.h"
41 #include "gnutls_extensions.h"
42 #include "gnutls_auth_int.h"
43
44 /* This selects the best supported ciphersuite from the ones provided */
45 static int
46 _gnutls_handshake_select_v2_suite (gnutls_session_t session,
47 opaque * data, int datalen)
48 {
49 int i, j, ret;
50 opaque *_data;
51 int _datalen;
52
53 _gnutls_handshake_log ("HSK[%x]: Parsing a version 2.0 client hello.\n",
54 session);
55
56 _data = gnutls_malloc (datalen);
57 if (_data == NULL)
58 {
59 gnutls_assert ();
60 return GNUTLS_E_MEMORY_ERROR;
61 }
62
63 if (datalen % 3 != 0)
64 {
65 gnutls_assert ();
66 return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
67 }
68
69 i = _datalen = 0;
70 for (j = 0; j < datalen; j += 3)
71 {
72 if (data[j] == 0)
73 {
74 memcpy (&_data[i], &data[j + 1], 2);
75 i += 2;
76 _datalen += 2;
77 }
78 }
79
80 ret = _gnutls_server_select_suite (session, _data, _datalen);
81 gnutls_free (_data);
82
83 return ret;
84
85 }
86
87
88 /* Read a v2 client hello. Some browsers still use that beast!
89 * However they set their version to 3.0 or 3.1.
90 */
91 int
92 _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data,
93 int datalen)
94 {
95 uint16_t session_id_len = 0;
96 int pos = 0;
97 int ret = 0;
98 uint16_t sizeOfSuites;
99 gnutls_protocol_t version;
100 opaque rnd[TLS_RANDOM_SIZE];
101 int len = datalen;
102 int err;
103 uint16_t challenge;
104 opaque session_id[TLS_MAX_SESSION_ID_SIZE];
105 gnutls_protocol_t ver;
106
107 /* we only want to get here once - only in client hello */
108 session->internals.v2_hello = 0;
109
110 DECR_LEN (len, 2);
111
112 _gnutls_handshake_log
113 ("HSK[%x]: SSL 2.0 Hello: Client's version: %d.%d\n", session,
114 data[pos], data[pos + 1]);
115
116 set_adv_version (session, data[pos], data[pos + 1]);
117
118 version = _gnutls_version_get (data[pos], data[pos + 1]);
119
120 /* if we do not support that version
121 */
122 if (_gnutls_version_is_supported (session, version) == 0)
123 {
124 /* If he requested something we do not support
125 * then we send him the highest we support.
126 */
127 ver = _gnutls_version_max (session);
128 if (ver == GNUTLS_VERSION_UNKNOWN)
129 {
130 /* this check is not really needed.
131 */
132 gnutls_assert ();
133 return GNUTLS_E_UNKNOWN_CIPHER_SUITE;
134 }
135 }
136 else
137 {
138 ver = version;
139 }
140
141 _gnutls_set_current_version (session, ver);
142
143 pos += 2;
144
145
146 /* Read uint16_t cipher_spec_length */
147 DECR_LEN (len, 2);
148 sizeOfSuites = _gnutls_read_uint16 (&data[pos]);
149 pos += 2;
150
151 /* read session id length */
152 DECR_LEN (len, 2);
153 session_id_len = _gnutls_read_uint16 (&data[pos]);
154 pos += 2;
155
156 if (session_id_len > TLS_MAX_SESSION_ID_SIZE)
157 {
158 gnutls_assert ();
159 return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
160 }
161
162 /* read challenge length */
163 DECR_LEN (len, 2);
164 challenge = _gnutls_read_uint16 (&data[pos]);
165 pos += 2;
166
167 if (challenge < 16 || challenge > TLS_RANDOM_SIZE)
168 {
169 gnutls_assert ();
170 return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
171 }
172
173 /* find an appropriate cipher suite */
174
175 DECR_LEN (len, sizeOfSuites);
176 ret = _gnutls_handshake_select_v2_suite (session, &data[pos], sizeOfSuites);
177
178 pos += sizeOfSuites;
179 if (ret < 0)
180 {
181 gnutls_assert ();
182 return ret;
183 }
184
185 /* check if the credentials (username, public key etc.) are ok
186 */
187 if (_gnutls_get_kx_cred
188 (session,
189 _gnutls_cipher_suite_get_kx_algo (&session->security_parameters.
190 current_cipher_suite),
191 &err) == NULL && err != 0)
192 {
193 gnutls_assert ();
194 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
195 }
196
197 /* set the mod_auth_st to the appropriate struct
198 * according to the KX algorithm. This is needed since all the
199 * handshake functions are read from there;
200 */
201 session->internals.auth_struct =
202 _gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo
203 (&session->security_parameters.
204 current_cipher_suite));
205 if (session->internals.auth_struct == NULL)
206 {
207
208 _gnutls_handshake_log
209 ("HSK[%x]: SSL 2.0 Hello: Cannot find the appropriate handler for the KX algorithm\n",
210 session);
211
212 gnutls_assert ();
213 return GNUTLS_E_INTERNAL_ERROR;
214 }
215
216
217
218 /* read random new values -skip session id for now */
219 DECR_LEN (len, session_id_len); /* skip session id for now */
220 memcpy (session_id, &data[pos], session_id_len);
221 pos += session_id_len;
222
223 DECR_LEN (len, challenge);
224 memset (rnd, 0, TLS_RANDOM_SIZE);
225
226 memcpy (&rnd[TLS_RANDOM_SIZE - challenge], &data[pos], challenge);
227
228 _gnutls_set_client_random (session, rnd);
229
230 /* generate server random value */
231
232 _gnutls_tls_create_random (rnd);
233 _gnutls_set_server_random (session, rnd);
234
235 session->security_parameters.timestamp = time (NULL);
236
237
238 /* RESUME SESSION */
239
240 DECR_LEN (len, session_id_len);
241 ret = _gnutls_server_restore_session (session, session_id, session_id_len);
242
243 if (ret == 0)
244 { /* resumed! */
245 /* get the new random values */
246 memcpy (session->internals.resumed_security_parameters.
247 server_random, session->security_parameters.server_random,
248 TLS_RANDOM_SIZE);
249 memcpy (session->internals.resumed_security_parameters.
250 client_random, session->security_parameters.client_random,
251 TLS_RANDOM_SIZE);
252
253 session->internals.resumed = RESUME_TRUE;
254 return 0;
255 }
256 else
257 {
258 _gnutls_generate_session_id (session->security_parameters.
259 session_id,
260 &session->security_parameters.
261 session_id_size);
262 session->internals.resumed = RESUME_FALSE;
263 }
264
265 session->internals.compression_method = GNUTLS_COMP_NULL;
266
267 return 0;
268 }
Implementation of the SSL/TLS protocol